On Mon, Mar 11, 2024 at 10:30:19PM -0700, Glenn Tenney wrote:
> > Right, the missing "client=" is because the message was not accepted,
> > and so no queue id was assigned. It seems this was before the changes
> > to master.cf were made effective.
>
> Ok... that does sound like it's always been this way...
> So, any idea of what's causing that?
As I mentioned, "client=" is logged for messages that are accepted, that
wasn't yet the case in the examples you posted. So nothing to see here,
move along.
> Just wondering, could it maybe be "-o
> smtpd_sasl_security_options=noanonymous" -- I'm just asking because I
> saw "Anonymous TLS connection established from
> mail-ua1-f50.google.com[209.85.222.50]" in the logs I've sent.
Your intuiting is way off base, best to resist the temptation to make
guesses. If you don't know, that's fine, no need to waste time chasing
shadows, just ask.
> > Well, if you've restarted Postfix after those changes, it should now
> > work (a "reload" should actually suffice, but a restart is harmless for
> > a low-volume personal server).
>
> Oh, I always do "sudo postmap main.cf" when editing it and then, again
> always, do "sudo service postfix restart" after every change before
> every test.
That's pointless, "main.cf" is not a table that needs to be indexed.
What you should be running through "postmap" is various "hash:" or
"btree", ... tables defined in your configuration, after changing the
source file.
Well, at this point, post in one message:
- Logging of a submission failure postdating your most recent
changes and "postfix restart".
- Output of: postmap -q au...@domain.name $(postconf -xh
smtpd_sender_login_maps)
- Output of: postconf -nf
- Output of: postconf -Mf
And do double-check that the (I assume obfuscated in your posts) "auser"
in the log entries match the lookup key used in the postmap query, and
the reported value matches the logged mismatch.
Mar 8 20:41:08 MACHINE postfix/submission/smtpd[28831]: NOQUEUE:
reject: RCPT from mail-oo1-f41.google.com[209.85.161.41]: 553 5.7.1
<au...@domain.name>: Sender address rejected:
That's the envelope sender address that should be the lookup key in your
table.
not owned by user auser;
That's the authenticated SASL user name that should be the corresponding
value.
from=<au...@domain.name> to=<anotheru...@anotherdomain.name>
proto=ESMTP helo=<mail-oo1-f41.google.com>
This is is just context. Clearly the lookup table did NOT return
"auser" for that address, otherwise the message would not have been
reject as a sender-login mismatch.
Where is your configuration directory? Are you editing
"/etc/postfix/main.cf", or /usr/local/etc/postfix/main.cf?
Which "postfix" command are you running, "/usr/sbin/postfix" or
"/usr/local/sbin/postfix"? You probably have Postfix both in the base
system and from ports. Make sure you're editing the files and using the
commands from /usr/local... And that the Postfix that is running
(master process, and service daemons) are also the ones from
/usr/local/libexec...
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
